Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

matheusronanabel's avatar

Credentials are correct but it redirects to login.

Hi, I'm currently building a Laravel application with breeze. I've done some modifications with the users table, and I'm using Uuid as the primary key of that users table.

Here's my authentication store method. It sits on the auth.php route files.

public function store(LoginRequest $request): RedirectResponse
    {
        $request->authenticate();

        $request->session()->regenerate();

        // dd(session()->all());
    
        return redirect()->intended(RouteServiceProvider::HOME);

    }

When I dd or die dump the session, it shows me the _session or the token.

return $request->expectsJson() ? null : route('login');

I assume this functions expects a json, and since I'm always redirected to login, I assume that it doesn't generate any json.

0 likes
5 replies
matheusronanabel's avatar

@martinbean Hi, there! Here's my Users model

<?php

namespace App\Models;

// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable
{
    use HasApiTokens, HasFactory, Notifiable;

    /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
        'password' => 'hashed',
    ];
}
martinbean's avatar

@megatech So the issue is, you say you‘ve changed the users table to use a UUID for the primary key, but Eloquent models expect primary keys to be integers and cast them as such.

So your UUID values (i.e. 130a2259-793e-41e3-aeb1-1c4b7fc14726) will be getting cast to integers (the aforementioned UUID will get wrongly cast to 130) which will be what’s saved to the session, the next request will look for a user with a primary key of 130, there’ll be no results, hence you no longer being logged in.

I personally don’t use UUIDs as primary keys. Sure, add a second column to store a UUID for each row. But don’t use it as the primary key. But, if you really want to, you need to update all your Eloquent models to tell them you’re using UUIDs and not to cast them as integers. You can do this by adding the HasUuid trait to your models: https://laravel.com/docs/10.x/eloquent#uuid-and-ulid-keys

Snapey's avatar

perhaps you mis understand the function intended()

How do you reach the login page?

do you still have redirectIfAuthenticated middleware?

1 like
matheusronanabel's avatar

@Snapey Hi, there! Yes. I still have the redirectIfAuthenticated middleware.

<?php

namespace App\Http\Middleware;

use App\Providers\RouteServiceProvider;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Symfony\Component\HttpFoundation\Response;

class RedirectIfAuthenticated
{
    /**
     * Handle an incoming request.
     *
     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
     */
    public function handle(Request $request, Closure $next, string ...$guards): Response
    {
        $guards = empty($guards) ? [null] : $guards;

        foreach ($guards as $guard) {
            if (Auth::guard($guard)->check()) {
                return redirect(RouteServiceProvider::HOME);
            }
        }

        return $next($request);
    }
}

Please or to participate in this conversation.